Dear btrfs community, Please accept my apologies in advance if I missed something in recent btrfs development; my MUA tells me I'm ~1500 unread messages out-of-date. :/
I recently read about "mount -t btrfs -o user_subvol_rm_allowed" while doing reading up on LXC handling of snapshots with the btrfs backend. Is this mount option per-subvolume, or per volume? Also, what mechanisms to restrict a user's ability to create an arbitrarily large number of snapshots? Is there a user_subvol_create_deny|allowed? What I've read about the inverse correlation between number of subvols to performance, a potentially hostile user could cause an IO denial of service or potentially even trigger an ENOSPC. From what I gather, the following will reproduce the hypothetical issue related to my question: # as root btrfs sub create /some/dir/subvol chown some-user /some/dir/subvol # as some-user cd /home/dir/subvol cp -ar --reflink=always /some/big/files ./ COUNT=1 while [ 0 -lt 1 ]; do btrfs sub snap ./ ./snapshot-$COUNT COUNT=COUNT+1 sleep 2 # --maybe unnecessary done -- I hope there's something I've misunderstood or failed to read! Please CC me so your reply will hit my main inbox :-) Nicholas
signature.asc
Description: Digital signature
